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DETAILED ACTION 

Claims 1-21 are amended and pending for examination. 
Claims 1-21 are rejected. 

Drawings 

The drawings were received on 29 February 2008. These drawings are 
accepted, and the objection to the drawings is withdrawn. 

Specification 

Amended specification was received on 29 February 2008. This specification is 
accepted, and the objection to the specification is withdrawn. 

Response to Arguments 

Applicant's arguments filed 29 February 2008 have been fully considered but 
they are not persuasive. Applicant suggests cited reference patent US 6 961 783, Cook 
et al does not teach amended limitations of claims 1-3, 8-10, and 15-17. Examiner 
disagrees and maintains previous rejection. Further elaboration as follows. 

Claim Rejections - 35 USC § 102 
1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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2. Claims 1-3, 8-10, and 15-17 rejected under 35 U.S.C. 102(e) as being 
anticipated by US 6 961 783, Cook et al. 

3. As per claims 1 , 8, and 15, Cook teaches a name/address translation device, 
method, and computer-readable medium recording a program (abstract) comprising: 

an identifying unit for identifying, when a query about an address corresponding 
to a name of a communication destination is received from a communication source, a 
network type of a network to which the communication source belongs and a network 
type of a network to which the communication destination belongs (column 6, line 61 to 
column 7, line 7, where the device has multiple network interfaces, where the inside 
interface may be connected to a private network, while the outside interface is 
connected to a public network such as the Internet. In addition, each interface is fitted 
appropriately for communication with media, logic, and memory to communicate with 
the various media types. This logic and difference between internal and external private 
and public networks allows the device to distinguish between the network types of the 
source and destination by which interfaces the communications are associated with); 

a judging unit judging, based on a result of identification by the identifying unit, 
whether or not to allow to give a response including the address corresponding to the 
name of the communication destination to the communication source of the query 
(column 5, lines 23-34, where the system access list may require device verification in 
order to respond with the requested address. This verification serves to judge whether 
the requesting device is allowed access to the destination address); and 
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a response unit for giving the response to the communication source when the 
judging unit judges that it is allowable to give the response (column 5, lines 1-10, where 
the DNS server resolves the domain name into an IP address and forwards it to the 
requesting client). 

4. As per claims 2, 9, and 16, Cook teaches a name/address translation device, 
method, and computer-readable medium recording a program (abstract) comprising: 
a receiving unit for receiving, from a communication source, a query about an 
address corresponding to a name of a communication destination (Figure 4, network 
interface 54); 

an identifying unit identifying which of a first network and a second network the 
communication source and the communication destination belong to each (column 6, 
line 61 to column 7, line 7, where the device has multiple network interfaces, where the 
inside interface may be connected to a private network, while the outside interface is 
connected to a public network such as the Internet. In addition, each interface is fitted 
appropriately for communication with media, logic, and memory to communicate with 
the various media types. This logic and difference between internal and external private 
and public networks allows the device to distinguish between the network types of the 
source and destination by which interfaces the communications are associated with); 

a searching unit for searching for an address of the communication destination to 
be given to the communication source as a response to the query when the identifying 
unit identifies that the communication source belongs to the first network and that the 
communication destination belongs to the second network (column 5, lines 1-10, where 
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the DNS server resolves the IP address of the requested domain name for a client 
requesting an Internet IP address. This, along with column 6, line 61 to column 7, line 7, 
where the device has multiple network interfaces, where the inside interface may be 
connected to a private network, while the outside interface is connected to a public 
network such as the Internet, shows that the client on a private address may request the 
public IP address of a domain name from the domain name server); and 

a sending unit for sending the response containing the address of the 
communication destination to the communication source when the searching unit 
searched the address of the communication destination, and rejecting the query when 
the identifying unit identifies that the communication source belongs to the second 
network and the communication destination belongs to the first network (column 5, lines 
1-10, where the DNS server resolves the domain name into an IP address and forwards 
it to the requesting client, along with Figure 3, also column 7, lines 20-22, where the 
address is not returned if the source is not allowed to access the destination). 
5. As per claims 3, 1 0, and 1 7, Cook teaches a name/address translation device, 
method, and computer-readable medium recording a computer program according to 
claims 2, 9, and 16, 

wherein the sending unit invalidates sending the response, if there is no 
application of which a use is permitted in a communication between the communication 
source and the communication destination when the identifying unit identifies that the 
communication source belongs to the first network and the communication destination 
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belongs to the second network (column 7, lines 20-22, where the address is not 
returned if the source is not allowed to access the destination). 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 4-7, 11-14, and 18-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over US 6 961 783, Cook et al as applied to claims 2, 9, and 16 above, 
and further in view of US 7 093 288, Hydrie et al. 

8. As per claims 4,11, and 1 8, Cook teaches a name/address translation device, 
method, and computer-readable medium recording a program according to Claims 2, 9, 
and 16. 

Cook does not teach a system with any type of firewall or packet filtering. Hydrie 
teaches a system of network communication containing a packet filtering system and 
method comprising: 

a notifying unit notifying, when a response containing a second terminal 
corresponding to the communication destination belonging to the second network is 
given to a first terminal corresponding to the communication source belonging to the 
first network, a routing device of passage information for letting a data pass through that 
are forwarded between the first terminal and the second terminal, the routing device 
receiving the data forwarded between the first network and the second network and 
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letting only the data with its passage permitted pass through, and effecting an address 
translation between the first network and the second network (column 4, lines 25-40, 
where the filters are accessed by the controller, and thus the controller becomes aware 
of the passage rules, and either allows or denies communication between devices). 
It would have been obvious to one of ordinary skill in the art at the time of the invention 
to include a method of packet filtering such as that taught by Hydrie in the system of 
Cook. Packet filtering allows a user to determine whether communication should be 
allowed between devices based on a desired rule set (Hydrie, abstract). This would 
have been beneficial in Cook's system, as it would have provided an additional layer of 
protection to deny communication between devices, which is not allowed by the access 
list. 

9. As per claims 5, 12, and 19, the combination of Cook and Hydrie teaches a 
name/address translation device, method, and computer program according to Claims 
4, 11, and 18., 

wherein the notifying unit notifies the routing device of passage information 
containing a first network address used in the first network that is virtually assigned to 
the second terminal and a second network address that the second terminal uses on 
the second network, so that the routing device translates, when a data transmitted from 
the second terminal passes through, the second network address a source address 
included in the data into the first network address (Hydrie teaches this limitation. 
Column 4, lines 42-50 show the virtualization data, which includes a map of the virtual 
devices. This map contains information on the communication source and destination, 
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and also contains translation information for translating the virtual addresses to real 
addresses), and 

wherein the sending unit sends a response containing the first network address 
so that the first terminal adds the first network address as a destination address to a 
data addressed to the second terminal to transmit the data addressed to the second 
terminal, and that the routing device translates, when the data addressed to the second 
terminal passes through, translates, when the data addressed to the second terminal 
passes through, the destination address into the second network address (Hydrie 
teaches this limitation. Column 4, lines 60-64 show that the network mediator uses the 
mapped addresses contained in the virtualization data to convent the addresses and 
forwards the communication). 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to include the virtualization system as taught by Nakamura in the system of Cook. This 
system of virtualizing addresses restricts access between devices (Nakamura, 
abstract), and would provide an additional layer of protection for the communication 
between two devices where the communication should be denied. 
1 0. As per claims 6, 1 3, and 20, the combination of Cook and Hydrie teaches a 
name/address translation device, method, and computer program according to Claims 
4, 11, and 18, wherein the notifying unit notifies the routing device of the passage 
information further containing information about an application of which the utilization is 
permitted in the communication between the first terminal and the second terminal in 
order for the routing device to let only the data pass through which is based on the 
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application of which the utilization is permitted between the first terminal and the second 
terminal (Hydrie teaches this limitation. Column 6, lines 40-50 show an example of the 
system working with multiple filters, where one filter restricts the communication 
between two devices to a particular protocol). 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to include a method of packet filtering such as that taught by Hydrie in the system of 
Cook. Packet filtering allows a user to determine whether communication should be 
allowed between devices based on a desired rule set (Hydrie, abstract). This would 
have been beneficial in Cook's system, as it would have provided an additional layer of 
protection to deny communication between devices, which is not allowed by the access 
list. In particular, restricting access to a particular protocol would provide further 
security, as even with a connection, a device would not have full control over another 
device. 

11. As per claims 7, 14, and 21 , the combination of Cook and Hydrie teaches a 
name/address translation device, method, and computer-readable medium recording a 
program according to claims 4, 1 1 , and 18 wherein the notifying unit notifies, before the 
sending unit sends the address of the second terminal, the routing device of the 
passage information (Hydrie teaches this limitation. Column 4, lines 25-40 show that the 
passage information is maintained in the filter list, thus providing a stable source of the 
passage information which can be accessed at any time). 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to include a method of packet filtering such as that taught by Hydrie in the system of 
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Cook. Packet filtering allows a user to determine whether communication should be 
allowed between devices based on a desired rule set (Hydrie, abstract). This would 
have been beneficial in Cook's system, as it would have provided an additional layer of 
protection to deny communication between devices, which is not allowed by the access 
list. 

Conclusion 

12. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to THOMAS RICHARDSON whose telephone number is 
(571 ) 270-1 1 91 . The examiner can normally be reached on Monday through Thursday, 
8am-5pm EST. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Vaughn can be reached on (571) 272-3922. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



TR 

3/21/2008 

/William C. Vaughn, Jr./ 

Supervisory Patent Examiner, Art Unit 2144 



